<?php


class RbacController extends AdminController
{
    //添加角色
    
    private $_db;
	public function init ()
	{
		//parent::init();
		//parent::auth();
		//$this->_db = Yii::app()->db;	
		//exit('暂不开启,后续待开发');
	}
	
	/**
	 * !CodeTemplates.overridecomment.nonjd!
	 * @see CController::beforeAction()
	 */
	
    
    
    
    public function actionInit ()
    {    
       
	 
    }
    
   
 
        public function actionIndex()
        {
            $auth = Yii::app()->authManager;
            p_e($auth);
            if ($auth !== NULL){
                $auth->clearAll();
                //create roles
                $auth->createOperation('createPost','create a post');
                $auth->createOperation('readPost','read a post');
                $auth->createOperation('updatePost','update a post');
                $auth->createOperation('deletePost','delete a post');

                $bizRule='return Yii::app()->user->id==$params["post"]->authID;';
                $task=$auth->createTask('updateOwnPost','update a post by author himself',$bizRule);
                $task->addChild('updatePost');

                $role=$auth->createRole('reader');
                $role->addChild('readPost');

                $role=$auth->createRole('author');
                $role->addChild('reader');
                $role->addChild('createPost');
                $role->addChild('updateOwnPost');

                $role=$auth->createRole('editor');
                $role->addChild('reader');
                $role->addChild('updatePost');

                $role=$auth->createRole('admin');
                $role->addChild('editor');
                $role->addChild('author');
                $role->addChild('deletePost');

                $auth->assign('reader','readerA');
                $auth->assign('author','authorB');
                $auth->assign('editor','editorC');
                $auth->assign('admin','adminD');

                
                
                }else{
                    $message = 'Please config your authManage as a compontion in main.php';
                    throw new CHttpException(0, $message);
                }

                }
    
   
    
	public function actionRule()
	{
         //   echo  $this->getId();  
          //  echo  Yii::app()->controller->action->id; 
		if($_POST)
                {
                    $rolename = $_POST['rolename'];
                    $roletype = $_POST['roletype'];
                    $description = $_POST['description'];
                    $sql = "insert into authitem(name,type,description) values('{$rolename}','{$roletype}','{$description}')";
                    $xinyun_name = Yii::app()->db->createCommand($sql)->execute();
                     if ($xinyun_name) {
                            Yii::app()->jump->success("设置成功", "/xyhadm/rbac/rule");
                        } else {
                            Yii::app()->jump->error("设置失败");
                        }
                }
		$this->render('rule');
	}
        //用户绑定角色
	public function actionUser()
	{   
                //查出所有用户
		$sql = "select id,username from {{alumni_user}}";
		$admin_name = Yii::app()->db->createCommand($sql)->queryAll();
                
                //查出所有角色
                $sql_role = "select name,type from {{authitem}} where type=2";
                $admin_role = Yii::app()->db->createCommand($sql_role)->queryAll();
                if($_POST)
                {
                    $user_id = $_POST['user_id'];
                    $role_id = $_POST['role_id'];
                  //  $sql_c = "select * from authassignment where userid='{$user_id}' and role_id='{$role_id}'";  备用
                    $sql_c = "select * from {{authassignment}} where userid='{$user_id}' ";
                    $che = Yii::app()->db->createCommand($sql_c)->queryAll();
                    if($che)
                    {
                        $sql_u = "update {{authassignment}} set role_id='{$role_id}' where userid = '{$user_id}'";
                        $xinyun_name = Yii::app()->db->createCommand($sql_u)->execute();
                    }
                    else
                    {
                        $sql_r = "insert into {{authassignment}(userid,role_id) values('{$user_id}','{$role_id}')";
                        $xinyun_name = Yii::app()->db->createCommand($sql_r)->execute();
                    }
                        if ($xinyun_name) 
                         {
                            Yii::app()->jump->success("设置成功", "/xyhadm/rbac/user");
                          } 
                         else 
                         {
                              Yii::app()->jump->error("设置失败");
                          }
                    }
		$this->render('user',array(
                        'admin_name'=>$admin_name,
                        'admin_role'=>$admin_role
                        ));
	}
        //添加控制器
        public function actionOperate()
        {
            if($_POST)
            {
                $operatename = $_POST['operatename'];
                $roletype = $_POST['roletype'];
                $description = $_POST['description'];
                $sql = "insert into {{authitem}}(name,type,description) values('{$operatename}','{$roletype}','{$description}')";
                $xinyun_name = Yii::app()->db->createCommand($sql)->execute();
                 if ($xinyun_name) {
                        Yii::app()->jump->success("设置成功", "/xyhadm/rbac/operate");
                    } else {
                        Yii::app()->jump->error("设置失败");
                    }
            }
            $this->render('operate');
        }
        //角色和控制器绑定
        public function actionItem()
	{
		$sql_role = "select name,type from {{authitem}} where type=2";
		$role_name = Yii::app()->db->createCommand($sql_role)->queryAll();
                
                $sql_operate = "select name,type,description from {{authitem}} where type=1";
		$role_operate = Yii::app()->db->createCommand($sql_operate)->queryAll();
                
                if($_POST)
                {
                    $role_id = $_POST['role_id'];
                    $operate_id = $_POST['operate_name'];
                    $sql_r = "insert into {{authitemchild}}(role_id,child) values('{$role_id}','{$operate_id}')";
                    $role_operates = Yii::app()->db->createCommand($sql_r)->execute();
                     if ($role_operates) {
                        Yii::app()->jump->success("设置成功", "/xyhadm/rbac/item");
                    } else {
                        Yii::app()->jump->error("设置失败");
                    }
                }
		$this->render('item',array(
                    'role_name'=>$role_name,
                    'role_operate'=>$role_operate
                    
                ));
	}
}
